I'm looking for help to finalize macOS enrollment through Apple Business Manager (ABM) and Intune. We have our sync and profile ready, but I want to achieve a complete 'zero-touch' workflow, meaning users authenticate with Google SSO during the Setup Assistant. I need to ensure that all apps and configurations are pre-installed silently before they even reach the desktop. Once logged in, users will sign into the Company Portal with their Microsoft E5 account for compliance and licensing. The goal is to minimize user interaction during setup: Google for machine login and Microsoft for E5 features. If anyone could help me configure the Modern Authentication settings and the necessary SSO extensions for this process, I'd really appreciate it!
1 Answer
Have you started configuring anything in your test tenant? If this is your first time with Intune on macOS, you'll need some hardware for testing your enrollment configurations. Since you mentioned finalizing your enrollment, it might be wise to set up a basic enrollment configuration first. You can find tons of resources in the MacAdmins community that can guide you along the way. I recommend reviewing Microsoft's documentation on device enrollment, especially this [deployment guide](https://learn.microsoft.com/en-us/intune/intune-service/fundamentals/deployment-guide-platform-macos) to get started. Don't feel discouraged! Intune has improved significantly for macOS management, and community support can be invaluable.
Thanks for the documentation! I’ll check it out today.
I've been managing Intune for Windows for years, but macOS is new to me. I have devices in ABM with a deployment profile, but they're not showing in Entra until enrollment, so my dynamic group isn't able to push apps and configurations in time. I want to keep 'Enroll without user affinity,' but users need to use Google SSO and have everything deployed before reaching the desktop. Right now, the MacBook enrolls but applies nothing. Any advice on getting this flow to work so the device connects to the security group during OOBE?